Using s3cmd and other Amazon S3-compatible apps with Azure Blob Storage
WRITTEN BY
/en-us/opensource/blog/author/alessandro-segala
Object storage is one of the core services offered by cloud platforms, as it allows developers to store any kind of unstructured data, conveniently and flexibly. Even if you’re not a developer, there are countless apps, libraries and tools that you can integrate in your daily workflow to leverage object storage on the cloud, for example for backups or just to store your data in a safe, reliable place.
Microsoft Azure provides excellent object storage with Azure Blob Storage, which offers unmatched durability, virtually infinite capacity and multiple tiers of storage, all at very convenient rates. However, because Azure Blob Storage was developed before the world decided to “standardize” on the S3 APIs, the two use different interfaces, and so most applications and libraries designed to work with Amazon S3 do not support Azure out-of-the-box. Many third-party and open source apps, libraries and tools are built to take advantage of S3, including very popular tools like s3cmd; not all of them have built-in support for Azure Blob Storage, however.
Enter Minio
The solution is incredibly simple, and it’s a free, lightweight, open source app called Minio: an object storage server that exposes S3-compatible APIs. Minio’s main goal was to simply expose local storage as object storage, but recently the developers have implemented a gateway feature that allows proxying requests to — you guessed it — Azure Blob Storage.
In short, Minio allows us to convert Azure Blob Storage APIs to Amazon S3! Best of all: Minio itself is very lightweight (written in Golang), and it’s available as a Docker container.
Running Minio as a Docker container is really simple:
$ docker run -p 9000:9000
-e
"MINIO_ACCESS_KEY=azureaccountname"
-e
"MINIO_SECRET_KEY=azureaccountkey"
minio
/minio
gateway azure
Minio on Web Apps on Linux
Minio is a self-hosted solution, which means that you will need a server to run it. Thanks to Minio developers publishing Docker containers, however, a very simple and cost-effective solution is to use Azure Web Apps on Linux and custom container support.
To deploy Minio on an Azure Web App, follow these simple steps. You will need the Azure CLI 2.0 (or “az cli”) installed on your machine, and, of course, an Azure subscription (or a free trial).
If you haven’t done it already, log in to Azure using the CLI with this command, then follow the instructions on the terminal to authenticate using the web browser:
$ az login
$ az group create --name
"Minio"
--location
"WestUS"
$ az storage account create
--name
"aleminiostorage"
--kind BlobStorage
--sku Standard_LRS
--access-tier Cool
--resource-group
"Minio"
--location
"WestUS"
$ az storage account show-connection-string
--name
"aleminiostorage"
--resource-group
"Minio"
# Output
{
"connectionString"
:
"DefaultEndpointsProtocol=https;EndpointSuffix=core.windows.net;AccountName=aleminiostorage;AccountKey=rOduFZr22jJ+..."
}
The Account Key is at the end of the connectionString parameter (in bold above, truncated), and it’s a base64-encoded string. Take note of that, as we’ll need it in the next steps.
It’s now time to deploy Minio to the Web App on Linux. First, we need to create an App Service Plan, which represents the managed VM(s) that will serve our app; after that, we’re creating a Web App inside it. We’re picking a “B1” (Basic 1) tier, which should be enough to run our lightweight Minio app; note also the --is-linux flag, to create a Linux-based Web App. As in the case of the storage account, the name of the Web App (aleminio in the example below) has to be globally unique too. We’re also configuring the Web App to run the minio/minio image from Docker Hub.
Note: Traffic between your Azure Web App and the Azure Storage Account is free of charge, for as long as the two are in the same Azure Region.
# Create the App Service Plan
$ az appservice plan create
--name
"MinioAppPlan"
--is-linux
--sku B1
--resource-group
"Minio"
--location
"WestUS"
# Create the Web App configured with the minio/minio container
$ az webapp create
--name
"aleminio"
--deployment-container-image-name
"minio/minio"
--plan
"MinioAppPlan"
--resource-group
"Minio"
The Web App on Linux should now be up and running, at the URL webappname.azurewebsites.net – in my example, https://aleminio.azurewebsites.net.
On the last step, let’s configure Minio on the Web App. First, we need to pass the configuration as environmental variables, similarly to what we did with the -e flag in the Docker run command above. We then need to tell the Web App what command to execute on the Docker container to start Minio in gateway mode.
# Environmental variables
# The value for MINIO_ACCESS_KEY is the name of the Storage Account
# Fill MINIO_SECRET_KEY with the Storage Account Key instead
$ az webapp config appsettings
set
--settings
"MINIO_ACCESS_KEY=aleminiostorage"
"MINIO_SECRET_KEY=rOduFZr22jJ+..."
"PORT=9000"
--name
"aleminio"
--resource-group
"Minio"
# Startup command
$ az webapp config
set
--startup-
file
"gateway azure"
--name
"aleminio"
--resource-group
"Minio"
We’re done! Give the Web App a few seconds to start, then you’ll have your Minio Amazon S3-compatible gateway working!
Configure your client apps/libraries with the following settings:
- S3 endpoint:
https://webappname.azurewebsites.net, replacing webappname with the name of your Web App (and note the use of https) - Access Key: the name of your Azure Blob Storage Account; in the example above, aleminiostorage
- Secret Key: the Account Key of your Azure Blob Storage Account
s3cmd
As an example, let’s configure s3cmd to use our own Minio server.
Download the s3cmd binary from GitHub and extract it somewhere.
Note: make sure you’re using s3cmd 2.0.1 or higher, as previous releases have issues with Minio as gateway to Azure Storage. Likewise, please make sure you’re using Minio 2017-10-27 or higher.
Create then a file named ~/.s3cfg to configure s3cmd:
# Setup endpoint: hostname of the Web App
host_base = aleminio.azurewebsites.net
host_bucket = aleminio.azurewebsites.net
# Leave as default
bucket_location = us-east-1
use_https = True
# Setup access keys
# Access Key = Azure Storage Account name
access_key = aleminiostorage
# Secret Key = Azure Storage Account Key
secret_key = rOduFZr22jJ+...
# Use S3 v4 signature APIs
signature_v2 = False
# Create a bucket
$ .
/s3cmd
mb s3:
//testbucket
Bucket
's3://testbucket/'
created
# List all buckets
$ .
/s3cmd
ls
s3:
//
2017-06-12 19:58 s3:
//testbucket
# Uplaod some files
$ .
/s3cmd
put photos/* s3:
//testbucket
That’s it! Now it’s your turn to play with Minio on Azure. From deploying apps on Azure that wouldn’t work with our object storage before, to using s3cmd with Azure Blob Storage for backups, it’s now possible, and easy to do.
Questions or comments? Let me know in the comments.
